Privacy Policy
How Overt Group, LLC handles information in connection with Crowd. Last updated 13 June 2026.
Crowd is dispatch and operations software for live events, provided by Overt Group, LLC ("Overt Group", "we", "us"). This policy explains what information we collect through the Crowd service and the website at oncrowd.net, how we use it, and the choices you have.
Two kinds of data, two roles
Crowd is used by organizations (event organizers, venues, and their teams). That creates two relationships:
- Data we control. Information about the people who run Crowd for an organization — staff accounts, and people who contact us — where Overt Group decides how it's used. This policy governs that data.
- Data we process for a customer. Information an organization collects through Crowd while running its event — most notably messages from attendees and the incident records its team creates. For that data the organization is responsible (the "controller") and Overt Group acts on its behalf (the "processor"). If you're an attendee or a member of an event's staff, direct privacy requests about that data to the organization running the event; we'll support them in responding.
Information we collect
Account and contact information
When an organization sets up staff accounts, we store names, email addresses, phone numbers, call signs, roles, and a secured (hashed) password and any two-factor credentials. If you contact us, we keep the messages you send and your contact details.
Content created in the service
Crowd stores the operational records your team creates: incidents and tickets, notes, assignments, timelines, and (for medical responses) patient care reports. Some of this content may include personal information, and patient care reports may include health information — see "Sensitive information" below.
Attendee messages
When an event publishes a number for attendees to text, we receive and store those messages and the sending phone number so the organization's dispatchers can read and respond to them, and so the conversation has a record.
Usage, device, and log data
We collect technical information needed to run and secure the service: sign-in and security events (recorded in an audit log), IP address, browser/device details, and, if you enable push notifications, a notification token for your device. The apps store some data locally on your device (including a cached copy of records and, on the Voyager field app, a hashed quick-unlock PIN if you set one) so they work offline.
How we use information
- To provide, maintain, and improve the service.
- To authenticate users and keep accounts and data secure.
- To send operational messages, including SMS notifications and push notifications to staff about assignments and all-call announcements.
- To deliver attendee messages to the organization's dispatchers and record the conversation.
- To provide support and respond to inquiries.
- To comply with legal obligations and enforce our terms.
SMS messaging
Crowd sends and receives text messages: notifications to staff, and two-way conversations with attendees who text an event's published number. Standard message and data rates may apply. Recipients can reply STOP to opt out of further messages. Attendee messages are recorded so the event's team has a record of what was reported and how it was handled. Organizations are responsible for telling attendees that texting the number creates a record and for any required consent.
Sensitive information
Medical responses may involve patient care reports that contain health information. Crowd restricts access to these records to authorized members of the organization's team, logs access, and supports "break-glass" emergency access that is recorded and flagged to supervisors. The organization running the event is responsible for how it collects and uses this information and for meeting any laws that apply to it.
Optional AI features
An organization may enable optional AI features that suggest a category and priority for an incident from a short description. When enabled, that text is sent to a third-party model provider to generate the suggestion; it is not used to train that provider's models, and it is not applied to medical records. These features are off unless an administrator turns them on. For exactly what data is sent, when, and where it goes, see AI Product Use.
How we share information
We do not sell personal information. We share it only:
- With the organization you belong to or are interacting with, as needed to run its event.
- With service providers who help us operate Crowd under confidentiality obligations — for example, cloud hosting, our SMS delivery provider, and (where AI features are enabled) a model provider.
- For legal reasons, when we believe disclosure is required by law or necessary to protect rights, safety, or the integrity of the service.
- In a business transfer, such as a merger or acquisition, subject to this policy.
Data retention
We keep information for as long as an account or event is active and as needed to provide the service, then for a reasonable period afterward to meet legal, accounting, and security needs. Organizations control much of their own data within the service and can ask us about deletion.
Security
We use technical and organizational measures to protect information, including encrypted connections, hashed passwords and PINs, role-based access controls, and audit logging. No system is perfectly secure, but we work to protect your data and to respond promptly if something goes wrong.
Your choices and rights
Depending on where you live, you may have rights to access, correct, or delete personal information, or to object to certain processing. For data an organization manages in Crowd (including attendee messages and incident records), contact that organization. For data we control, contact us at the address below and we'll respond as required by applicable law.
Children
Crowd is intended for use by event and venue staff and is not directed to children. We do not knowingly collect personal information from children through the service.
Changes to this policy
We may update this policy from time to time. When we make material changes, we'll update the date above and, where appropriate, provide additional notice.
Contact us
Questions about this policy or our privacy practices? Email hello@oncrowd.net.